Recruiting for the Cyber Wars

Uncle Sam wants you - to help defend against Internet threats. But is the military any place for slackers and hackers?

Keith Epstein and Brian Grow | BusinessWeek.com

League of Electronic Nations

But there are some surprising indications that the cyber-war future is here already, and in disturbing abundance. The U.S., China, and Russia are building up their cyber forces. “For the Chinese, info war is the next realm. They are never going to go tank to tank with the U.S.,” says Matthew G. Devost, a former Pentagon network security tester and chief executive officer of Total Intelligence Solutions in Alexandria, Va. The Chinese military offers prizes to its best computer hackers, and according to a January, 2006, white paper by the Chinese military, it has a three-stage strategy between now and 2050 to win an “informationized war,” one that is fast-paced and mostly digital.

The superpowers are hardly alone. The league of electronically prying, prodding, and posturing nations now numbers well into the dozens—by some tallies, closer to 100. A report published in August, 2006 by the office of Joel F. Brenner, counterintelligence executive for the director of national intelligence, noted that his office discovered at least 108 countries engaged in “collection efforts against sensitive and protected U.S. technologies,” up from 37 a decade ago. The report doesn’t name many names, though it identifies China and Russia as among “the most aggressive” in targeting the U.S.

Spying on Defense Contractors on the Rise

The Russian government also denies participating in such activity. “Russia has never engaged in any kind of cyber intrusions in the U.S. or any other countries,” says Yevgeniy Khorishko, the Russian government’s spokesman at its embassy in Washington. “All these kinds of reports and articles that appear from time to time are pure speculation. They don’t deserve to be commented upon.”

Suspicious activity associated with attempts at spying and stealing information from defense contractors is on the rise, too – especially from nations along the Pacific Rim and Asia, according to another declassified 2006 report by the Defense Security Service, which helps contractors keep tabs on espionage attempts.

In particular, the report noted a “dramatic increase in the number of incidents involving government affiliated entities,” and rising use of the Internet as a tool of choice. “The potential gain from even one successful computer intrusion makes it an attractive, relatively low-risk option for any country seeking access to sensitive information stored on U.S. computer networks,” the report notes, while predicting the risk to sensitive information from cyber spies “will increase as more countries gain the expertise to exploit those systems.”
Weapons of Mass Disruption

In the U.S., the latest wave of sophisticated, precisely targeted attacks prompted the Defense Dept. last summer to give the incursions and thefts of sensitive data a new name: “advanced persistent threats.” The phrase is meant to underscore both the virulent nature of this type of cyber intrusion and their origin: hackers working for foreign nations.

Pentagon insiders refer to the malicious software and devious methods of state-sponsored hackers as “weapons of mass disruption.” U.S. military and intelligence officials worry about damage being inflicted by professionals, well-trained, backed by large sums of money, and making use of their own homegrown innovations. “Our adversaries are very good. But I’m not sure we’ve seen their best,” says Lieutenant General Charles E. Croom, who heads the Pentagon’s Joint Task Force for Global Network Operations.

A Different Kind of Soldier

The U.S. Air Force is preparing for a digital onslaught. It now aggressively seeks recruits, identifying cyber space in all its recruitment ads as its new domain of military activity. The Air Force has long had a role in aviation, of course, and also in space. Now it’s adding cyber space. Among skills said to be in demand: the use of “hack backs” that probe intruders’ own systems, and outright offensive measures. “Everything out there can reach and touch us,” says General John C. “Chris” Inglis, deputy director of the National Security Agency. “We must be able to outmaneuver our adversaries.”

Despite the alarming rise of cyber intrusions and a new sense of urgency, some traditions are hard to break. When General Lord told Air Force officials he wanted to reach out to hackers through a forum on Slashdot, some of his colleagues advised against it. “There were elements of the Air Force that didn’t think I should engage the Slashdot guys,” he says. “They’re not the kind [of soldier] that I grew up with where you marched to breakfast in the morning. This is a different kind of crowd.”

General Lord says he ignored the advice because the U.S. needs top-notch cyber soldiers. “It’s speed of light warfare, it’s not speed of sound warfare. It’s faster than our F-22.”